Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

change awx lab to ascender lab #212

Merged
merged 2 commits into from
Oct 16, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
179 changes: 22 additions & 157 deletions content/en/docs/09/01/_index.en.md
Original file line number Diff line number Diff line change
@@ -1,190 +1,55 @@
---
title: "9.1 AWX Installation"
title: "9.1 AWX / Ascender / AAP Installation"
weight: 91
sectionnumber: 9.1
---

AWX only supports containerized installations via OpenShift, Kubernetes or Docker Compose. We have chosen to use Docker Compose to run AWX on `control0` in this techlab.

CentOS 8 doesn't provide an easy way to install AWX -- we have to solve some problems first:

* According to [AWX issue 3998](https://github.com/ansible/awx/issues/3998) the current AWX version relies on native Docker and cannot be deployed with Podman.
* Our techlab infrastructure is based on CentOS 8 which does not include Docker by default.
* Even with the official [Docker CE repository](https://download.docker.com/linux/centos/docker-ce.repo) the `docker-ce` package cannot be installed due to version conflicts with the `containerd.io` package.
* A possible solution is to install an older version of Docker CE using `yum install` with the `--nobest` switch.
* As this swith is not supported by Ansible's `yum` module we need to create some "hacks" with the `command` module.

### Task 1

* Create a playbook `prepare_for_awx.yml` that should run on the controller node.
* That playbook should first check that at least 4GB of main memory are available on the machine `control0`.
* It should than install the following packages: `epel-release`, `git` and `python3-pip`.
Get yourself familiar with the installation options for AWX, Ascender and AAP

* Have a look at the different installation documentations
* [AWX install](https://github.com/ansible/awx/blob/devel/INSTALL.md)
* [Ascender Install](https://github.com/ctrliq/ascender-install)
* [AAP Install](https://access.redhat.com/documentation/en-us/red_hat_ansible_automation_platform/)
* What is one of the advantages when installing Ascender?
* What is one of the advantages when installing AAP?
{{% details title="Solution Task 1" %}}
```bash
$ cat prepare_for_awx.yml
---
- name: prepare for awx installation
hosts: controller
become: true
tasks:
- name: check that at least 4GB are available
fail:
when: ansible_memtotal_mb < 3900
- name: install required software
yum:
name:
- epel-release
- git
- python3-pip
state: latest
```
An advantage of Ascender is the handy install script [ascender-install](https://github.com/ctrliq/ascender-install). Another advantage is, that everything is available even without a valid subscription for Ascender.

An advantage of AAP is the availability of an rpm based installation. The downside is, that those rpm's are only available when you have a valid AAP subscription and you are logged in the Red Hat customer backend.
{{% /details %}}

### Task 2

* Extend `prepare_for_awx.yml`:
* It should add the Docker CE repository https://download.docker.com/linux/centos/docker-ce.repo to `/etc/yum.repos.d/`
* Install `docker-ce` by running `yum -y install --nobest docker-ce` in a `command` module.
* To make this idempotend, first check if it is already installed. Take care to return proper "changed" info. Use the `command` module.
* Start and enable `dockerd`.
* Add the user `ansible` to the `docker` group.
* Now, we want to install Ascender locally using k3s. The [ascender-install](https://github.com/ctrliq/ascender-install) repository from Github is checked out to the folder `/home/ansible/ascender-install` on your ascender server.
* Which file contains the configuration parameters for your installation?

{{% details title="Solution Task 2" %}}
```bash
$ cat prepare_for_awx.yml
---
...
...
...
- name: add the Docker CE repository
get_url:
url: https://download.docker.com/linux/centos/docker-ce.repo
dest: /etc/yum.repos.d/docker-ce.repo
- name: check if docker-ce is already installed
command: rpm -qi docker-ce
register: rpm_out
ignore_errors: true
changed_when: false
- name: install docker-ce
command: yum -y install --nobest docker-ce
when: rpm_out.rc != 0
- name: start and enable dockerd
service:
name: docker
enabled: yes
state: started
- name: add the user ansible to the docker group
user:
name: ansible
groups: docker
append: yes
```
/home/ansible/ascender-install/default.config.yml
```
See that the file was already prepared with the information for your lab servers.
{{% /details %}}

### Task 3

* Extend `prepare_for_awx.yml`:
* Install Docker Compose via the Python package manager (pip).
* Use the Ansible module `pip`.
* Run the installation. This may take some time.

{{% details title="Solution Task 3" %}}
```bash
$ cat prepare_for_awx.yml
...
...
...
- name: install Docker Compose via the Python package manager
pip:
name: docker-compose
cd /home/ansible/ascender-install
sudo ./setup.sh
```
{{% /details %}}

### Task 4

* Extend `prepare_for_awx.yml`:
* Clone the AWX source from [GitHub](https://github.com/ansible/awx.git).
* Use Ansible's `git` module to store the cloned repo under `/home/ansible/techlab/awx/`.
* Choose a dedicaded version (i.e. 14.0.0), take a look at [AWX Releases]/https://github.com/ansible/awx/releases) for the current stable version.
* Make sure that the directory with the AWX sources is readable and writable by the user `ansible`.
* Log in to Ascender using the username and password provided by the teacher.
* In which file are the credentials defined?

{{% details title="Solution Task 4" %}}
```bash
$ cat prepare_for_awx.yml
...
...
...
- name: clone the AWX sources
git:
repo: https://github.com/ansible/awx.git
dest: /home/ansible/techlab/awx
version: 14.0.0
become: no
```
{{% /details %}}

### Task 5

* Activate the docker group for current user: Log out and log in again as user `ansible` to `control0`.
* Change directry to `/home/ansible/techlab/awx/installer`
* Optional: Edit the file `inventory` and change the values of `admin_user` and `admin_password` (or keep the defaults: "admin" and "password").
* Run the installer: `ansible-playbook -i inventory install.yml`
* Before running the installer, ensure nothing is running on port 80: `sudo ss -tunap | grep :80`
Otherwise, the `awx_web` container is unable to come up.
* With your Web Browser connect to `http://<IP of control0>`. You should see a login form and be able to log in.

{{% details title="If the installer fails due to a docker_service module" %}}
The installer might fail because a role still uses the `docker_service` module.
In such a case, you will see the following output:
```
ERROR! [DEPRECATED]: community.general.docker_service has been removed. Use community.docker.docker_compose instead.
This feature was removed from community.general in version 2.0.0. Please update your playbooks.
/home/ansible/ascender-install/default.config.yml
```

To rectify this issue, replace the `docker_service` module with `docker_compose` in the affected role:
```bash
FILE=/home/ansible/techlab/awx/installer/roles/local_docker/tasks/upgrade_postgres.yml
sed -i 's/docker_service/docker_compose/' $FILE
```
{{% /details %}}

{{% details title="Solution Task 5" %}}
```bash
$ logout
Connection to 192.168.122.30 closed.
$ ssh [email protected]
[email protected]'s password: ********
...
$ groups
ansible docker
$ cd /home/ansible/techlab/awx/installer/
$ vim inventory # change admin_user and admin_password
$ ansible-playbook -i inventory install.yml

PLAY [Build and deploy AWX] ******************************************************************************************************************************************************************

TASK [Gathering Facts] ***********************************************************************************************************************************************************************
ok: [localhost]

TASK [check_vars : include_tasks] ************************************************************************************************************************************************************
skipping: [localhost]
...
...
...
TASK [local_docker : Start the containers] ***************************************************************************************************************************************************
changed: [localhost]

TASK [local_docker : Update CA trust in awx_web container] ***********************************************************************************************************************************
changed: [localhost]

TASK [local_docker : Update CA trust in awx_task container] **********************************************************************************************************************************
changed: [localhost]

PLAY RECAP ***********************************************************************************************************************************************************************************
localhost : ok=16 changed=8 unreachable=0 failed=0 skipped=86 rescued=0 ignored=0
```

Go to http://192.168.122.30 and enter admin name and password:

![AWX Login](awx001.png)
{{% /details %}}
Binary file removed content/en/docs/09/01/awx001.png
Binary file not shown.
59 changes: 0 additions & 59 deletions content/en/docs/09/02/_index.en.md

This file was deleted.

Binary file removed content/en/docs/09/02/awx002.png
Binary file not shown.
Binary file removed content/en/docs/09/02/awx003.png
Binary file not shown.
Binary file removed content/en/docs/09/02/awx004.png
Binary file not shown.
Binary file removed content/en/docs/09/02/awx005.png
Binary file not shown.
Binary file removed content/en/docs/09/02/awx006.png
Binary file not shown.
Binary file removed content/en/docs/09/02/awx007.png
Binary file not shown.
Binary file removed content/en/docs/09/02/awx008.png
Binary file not shown.
Binary file removed content/en/docs/09/02/awx009.png
Binary file not shown.
Binary file removed content/en/docs/09/02/awx010.png
Binary file not shown.
Binary file removed content/en/docs/09/02/awx011.png
Binary file not shown.
Binary file removed content/en/docs/09/02/awx012.png
Binary file not shown.
6 changes: 3 additions & 3 deletions content/en/docs/09/_index.en.md
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
---
title: 9. AWX/Ansible Tower
title: 9. AWX
weight: 90
sectionnumber: 9.2
---

AWX ist the upstream/community edition of Ansible Tower, hosted on [GitHub](https://github.com/ansible/awx).
[AWX](https://github.com/ansible/awx) provides a web-based user interface, REST API, and task engine built on top of Ansible. CIQ's [Ascender](https://ciq.com/products/ascender/) and Red Hat's [AAP](https://www.redhat.com/en/technologies/management/ansible) are based on AWX.

The following Labs will install AWX on the contoller machine of this lab environment.
Since the installation of Ascender is the most convenient, we use Ascender as the tool to learn about AWX Automation Platform.